Created
April 22, 2021 22:49
-
-
Save isaacs/e0607a4f37cda392ecaf783a04558c96 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -e | |
export ARBORIST_DEBUG=1 | |
# first case, prevent it from happening in the first place. | |
rm -rf node_modules package-lock.json | |
cat <<PJ > package.json | |
{ | |
"bundleDependencies": [ | |
"pacote", | |
"npm-registry-fetch" | |
], | |
"dependencies": { | |
"npm-registry-fetch": "^9.0.0", | |
"pacote": "^11.3.2" | |
} | |
} | |
PJ | |
arborist reify --before=2021-04-22T18:51:09Z --quiet &>/dev/null | |
npm ls npm-registry-fetch | |
arborist reify --add=npm-registry-fetch@10.1.0 --quiet &>/dev/null | |
npm ls npm-registry-fetch | |
# arborist reify --update=npm-registry-fetch --preferDedupe --quiet &>/dev/null | |
# npm ls npm-registry-fetch | |
npm ls -a >/dev/null | |
if [ -d node_modules/pacote/node_modules/npm-registry-fetch ]; then | |
echo 'duplicate not prevented!' | |
exit 1 | |
else | |
echo 'avoided the problem!' | |
fi | |
# second case, fix it if it DOES happen using the bugged version of npm | |
rm -rf node_modules package-lock.json | |
cat <<PJ > package.json | |
{ | |
"bundleDependencies": [ | |
"pacote", | |
"npm-registry-fetch" | |
], | |
"dependencies": { | |
"npm-registry-fetch": "10.1.0", | |
"pacote": "11.3.2" | |
} | |
} | |
PJ | |
arborist reify &>/dev/null | |
arborist reify node_modules/pacote --add=npm-registry-fetch@10 --before=2021-04-22T18:51:09Z --quiet &>/dev/null | |
arborist actual --save &>/dev/null | |
npm ls npm-registry-fetch | |
if ! [ -d node_modules/pacote/node_modules/npm-registry-fetch ]; then | |
echo 'did not reproduce the problem :(' >&2 | |
exit 1 | |
fi | |
# now we're in the broken state, where pacote nests a nrf 10.0, but | |
# we've previously installed a nrf 10.1 at the top level. dedupe should work. | |
arborist reify --update=npm-registry-fetch --preferDedupe --quiet &>/dev/null | |
npm ls npm-registry-fetch | |
npm ls -a >/dev/null | |
if [ -d node_modules/pacote/node_modules/npm-registry-fetch ]; then | |
echo 'duplicate not fixed!' >&2 | |
exit 1 | |
else | |
echo 'fixed the problem!' | |
fi | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment